Vulnerabilities > CVE-2014-1704 - Unspecified vulnerability in Google Chrome and V8
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN google
nessus
Summary
Multiple unspecified vulnerabilities in Google V8 before 3.23.17.18, as used in Google Chrome before 33.0.1750.149, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
Vulnerable Configurations
Nessus
NASL family Windows NASL id GOOGLE_CHROME_33_0_1750_149.NASL description The version of Google Chrome installed on the remote host is a version prior to 33.0.1750.149. It is, therefore, affected by the following vulnerabilities : - Use-after-free errors exist related to last seen 2020-06-01 modified 2020-06-02 plugin id 72939 published 2014-03-11 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/72939 title Google Chrome < 33.0.1750.149 Multiple Vulnerabilities NASL family Fedora Local Security Checks NASL id FEDORA_2014-4081.NASL description Common Vulnerabilities and Exposures assigned an identifier CVE-2014-1704 to the following vulnerability : URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1704 Multiple unspecified vulnerabilities in Google V8 before 3.23.17.18, as used in Google Chrome before 33.0.1750.149, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Only one vulnerability in this CVE affects v8-3.14.5.10 in Fedora. This update fixes the vulnerability involving unsigned integer arithmetic. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2014-04-03 plugin id 73312 published 2014-04-03 reporter This script is Copyright (C) 2014-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/73312 title Fedora 19 : v8-3.14.5.10-7.fc19 (2014-4081) NASL family Fedora Local Security Checks NASL id FEDORA_2014-4625.NASL description Common Vulnerabilities and Exposures assigned an identifier CVE-2014-1704 to the following vulnerability : URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1704 Multiple unspecified vulnerabilities in Google V8 before 3.23.17.18, as used in Google Chrome before 33.0.1750.149, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Only one vulnerability in this CVE affects v8-3.14.5.10 in Fedora. This update fixes the vulnerability involving unsigned integer arithmetic. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2014-04-16 plugin id 73538 published 2014-04-16 reporter This script is Copyright (C) 2014-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/73538 title Fedora 20 : v8-3.14.5.10-7.fc20 (2014-4625) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-2883.NASL description Several vulnerabilities have been discovered in the chromium web browser. - CVE-2013-6653 Khalil Zhani discovered a use-after-free issue in chromium last seen 2020-03-17 modified 2014-03-25 plugin id 73164 published 2014-03-25 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/73164 title Debian DSA-2883-1 : chromium-browser - security update NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_24CEFA4BA94011E391F200262D5ED8EE.NASL description Google Chrome Releases reports : 7 vulnerabilities fixed in this release, including : - [344881] High CVE-2014-1700: Use-after-free in speech. Credit to Chamal de Silva. - [342618] High CVE-2014-1701: UXSS in events. Credit to aidanhs. - [333058] High CVE-2014-1702: Use-after-free in web database. Credit to Collin Payne. - [338354] High CVE-2014-1703: Potential sandbox escape due to a use-after-free in web sockets. - [328202, 349079, 345715] CVE-2014-1704: Multiple vulnerabilities in V8 fixed in version 3.23.17.18. last seen 2020-06-01 modified 2020-06-02 plugin id 72955 published 2014-03-12 reporter This script is Copyright (C) 2014 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/72955 title FreeBSD : www/chromium --multiple vulnerabilities (24cefa4b-a940-11e3-91f2-00262d5ed8ee) NASL family SuSE Local Security Checks NASL id OPENSUSE-2014-280.NASL description Chromium was updated to the 33.0.1750.152 stable channel uodate : - Security fixes : - CVE-2014-1713: Use-after-free in Blink bindings - CVE-2014-1714: Windows clipboard vulnerability - CVE-2014-1705: Memory corruption in V8 - CVE-2014-1715: Directory traversal issue Previous stable channel update 33.0.1750.149 : - Security fixes : - CVE-2014-1700: Use-after-free in speech - CVE-2014-1701: UXSS in events - CVE-2014-1702: Use-after-free in web database - CVE-2014-1703: Potential sandbox escape due to a use-after-free in web sockets - CVE-2014-1704: Multiple vulnerabilities in V8 fixed in version 3.23.17.18 last seen 2020-06-05 modified 2014-06-13 plugin id 75318 published 2014-06-13 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/75318 title openSUSE Security Update : chromium (openSUSE-SU-2014:0501-1) NASL family MacOS X Local Security Checks NASL id MACOSX_GOOGLE_CHROME_33_0_1750_149.NASL description The version of Google Chrome installed on the remote Mac OS X host is a version prior to 33.0.1750.149. It is, therefore, affected by the following vulnerabilities : - Use-after-free errors exist related to last seen 2020-06-01 modified 2020-06-02 plugin id 72940 published 2014-03-11 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/72940 title Google Chrome < 33.0.1750.149 Multiple Vulnerabilities (Mac OS X) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201408-16.NASL description The remote host is affected by the vulnerability described in GLSA-201408-16 (Chromium: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could conduct a number of attacks which include: cross site scripting attacks, bypassing of sandbox protection, potential execution of arbitrary code with the privileges of the process, or cause a Denial of Service condition. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 77460 published 2014-08-30 reporter This script is Copyright (C) 2014-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/77460 title GLSA-201408-16 : Chromium: Multiple vulnerabilities
Redhat
rpms |
|
References
- http://www.debian.org/security/2014/dsa-2883
- http://googlechromereleases.blogspot.com/2014/03/stable-channel-update_11.html
- http://security.gentoo.org/glsa/glsa-201408-16.xml
- https://code.google.com/p/v8/source/detail?r=18564
- http://www.securitytracker.com/id/1029914
- http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00008.html
- https://code.google.com/p/chromium/issues/detail?id=345715
- https://code.google.com/p/v8/source/detail?r=19668
- https://code.google.com/p/v8/source/detail?r=19614
- https://code.google.com/p/chromium/issues/detail?id=349079
- https://code.google.com/p/chromium/issues/detail?id=328202